Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-01 16:41:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
a2d2329e30
linux/security/integrity/ima
History
Christian Brauner a2d2329e30
ima: handle idmapped mounts 
IMA does sometimes access the inode's i_uid and compares it against the
rules' fowner. Enable IMA to handle idmapped mounts by passing down the
mount's user namespace. We simply make use of the helpers we introduced
before. If the initial user namespace is passed nothing changes so
non-idmapped mounts will see identical behavior as before.

Link: https://lore.kernel.org/r/20210121131959.646623-27-christian.brauner@ubuntu.com
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-24 14:27:20 +01:00
..
ima_api.c ima: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ima_appraise.c ima: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ima_asymmetric_keys.c ima: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ima_crypto.c ima: Don't modify file descriptor mode on the fly 2020-11-29 07:02:53 -05:00
ima_efi.c ima: generalize x86/EFI arch glue for other EFI architectures 2020-11-06 07:40:42 +01:00
ima_fs.c fs/kernel_file_read: Add "offset" arg for partial reads 2020-10-05 13:37:04 +02:00
ima_init.c ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init() 2020-06-03 17:20:43 -04:00
ima_kexec.c integrity: Remove duplicate pr_fmt definitions 2020-02-28 14:32:58 -05:00
ima_main.c ima: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ima_modsig.c ima: Move comprehensive rule validation checks out of the token parser 2020-07-20 13:28:15 -04:00
ima_mok.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
ima_policy.c ima: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ima_queue_keys.c ima: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ima_queue.c ima: Remove semicolon at the end of ima_get_binary_runtime_size() 2020-09-15 13:47:41 -04:00
ima_template_lib.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
ima_template_lib.h Replace HTTP links with HTTPS ones: security 2020-08-06 12:00:05 -07:00
ima_template.c ima: select ima-buf template for buffer measurement 2020-11-20 13:52:43 -05:00
ima.h ima: handle idmapped mounts 2021-01-24 14:27:20 +01:00
Kconfig Minor fixes for v5.9. 2020-08-11 14:30:36 -07:00
Makefile ima: generalize x86/EFI arch glue for other EFI architectures 2020-11-06 07:40:42 +01:00